What is Monero?
Originally launched in April 2014 as BitMonero, Monero (symbol XMR), means money in Esperanto. Monero, a fork of Bytecoin, is a secure, private and untraceable currency, built on the Cryptonote protocol and Ring Signatures.
Monero and it’s community is committed to 3 key values: (1) Security, (2) Privacy and (3) Decentralization
The Monero website elaborates further:
Users must be able to trust Monero with their transactions, without risk of error or attack.
Monero takes privacy seriously. Monero needs to be able to protect users in a court of law and, in extreme cases, from the death penalty.
Monero is committed to providing the maximum amount of decentralization.
Monero is based on an application level cryptographic protocol focused on privacy called Ring Signatures.
Ring Signatures were originally proposed at a 2001 Cryptography conference in Queensland, Australia called Asiacrypt, an international gathering for cryptography research. The authors of Ring Signatures included Ron Rivest, Adi Shamir, and Yael Tauman.
The core use case behind Monero is how transactions are not linkable or traceable. It does it have a block limit which allows flexibility in data management (block sizes) and scalability. Monero’s architecture requires much more cryptography and data around transactions.
It also has selective transparency which allows users to make certain transaction visible if desired. (E.g. an auditor or another party to prove the transaction)
A recent discovery of secret ASIC manufacturing of Monero miners has prompted the coin to be broken into
5 (now 6) different “coins”.
Ultimately, Monero uses ring signatures, ring confidential transactions (RCT) and stealth addresses to obfuscate transactions at the protocol level to protect both senders and receivers from eavesdropping.
Launched: April 14, 2014
Total coin supply: Initially 18.4 million coins (After this, there will be a permanent fixed production of 0.3 XMR per minute to balance out lost coins per year)
Algorithm: Proof of Work (PoW) using CryptoNight
Block reward: Smoothly varying
Block time: 120 seconds
Difficulty: Retargets at every block
Issues With Bitcoin That Monero Aims to Solve
This includes hard-coded constraints and natural elements of the design (such as block frequency, maximum amount of money supply, and # of confirmations required).
The traceability of both transaction amounts, as well as the sender/receiver, is publicly viewable automatically with Bitcoin unless specific steps are taken by the user.
The proof of work algorithm (PoW) has also violated the original Satoshi vision of “one-CPU-one-vote” with the advent of GPU and Application Specific Integrated Circuit (ASIC) hardware. This allows those miners to gain majority control (51%+) over the network and govern changes. (Like a fork, to keep the network going.)
Irregular emission refers to the construct where the Bitcoin rewards are halved every 4 years. The original intent was to create limited smooth emission with exponent decay. (More predictable not choppy pattern)
Instead, we have a piecewise linear emission (as pictured below) which creates the opportunity for a double spend attack. This is due to the network hash rate decrease at each halving. Note the “stairwell” like moves.
The Bytecoin Fork and details of its creation
Bytecoin is the first known implementation of the CryptoNote protocol with code produced entirely from scratch. But, why was Monero needed if there was already an implementation of this? Well, as always with Crypto, prepare for some drama.
As elaborated in this Monero subreddit from 3 years ago, there was not only a Bytecoin premine but also falsifying the blockchain to show a fair distribution. Then, there were 2 years of “crippled” code that could have been improved but was not. Ricardo Spagni aka “Fluffypony” said the Monero team fixed these problems in a few weeks.
Monero technology fundamentals
The main tech behind Monero is a balance of allowing the user to control their keys and operate privately with proven security mechanisms while also allowing malleability and development in the network. (E.g. variable blocksize, integration of Kovri)
How a normal (not fully anonymous) transaction works
The default set-up for Bitcoin transactions is completely transparent and pseudonymous if steps are not taken to obscure one’s identity and transactions (e.g. a VPN and mixing services). This means your IP address can be connected to your device (i.e. personal identity) with enough resources dedicated to connecting the two.
Ring Signature Transactions
Protecting the sender with Ring Signatures
Ring Signatures (shown above) are digital signatures where several signers sign a transaction. (Think: signing with a joint account but with no one knowing the true signer)
The sender generates a one-time spend key and the recipient is the only party that can detect and spend the money based on that key.
Key images, a cryptographic key, are derived from each output being spent and prevent double spending. This is because there’s one key image per output (expenditure) on the Blockchain.
Ring Confidential Transactions (RCT) hide the amount sent
The sender can reveal just enough information for the miners to confirm the transaction without disclosing publicly the total amount spent. (Known as a “commit”) This allows the transaction to be validated as authentic without losing the privacy as a user.
Stealth addresses make the recipient incognito
A stealth address, also known as a one-time public key prevents recipient’s funds being linked with their wallet. That address can be audited by a 3rd party to prove the transaction occurred. (With the sender sharing their public view key)
The recipient gets their funds through their wallets private view key which scans the blockchain. Once detected and retrieved by the wallet, a single use private key is created (corresponding with senders public key).
The recipient can now spend those funds using their private spend key. This occurs without the sender, recipient, nor the amount transacted publicly linked.
How Monero transactions work
This process is very succinctly explained in this Monero Bitcointalk thread (numbers go with a picture below):
“Bob decides to spend an output, which was sent to the one-time public key. He needs Extra (1), TxOutNumber (2), and his Account private key (3) to recover his one-time private key (4). When sending a transaction to Carol, Bob generates its Extra value by random (5). He uses Extra (6), TxOutNumber (7) and Carol’s Account public key (8) to get her Output public key (9).
In the input, Bob hides the link to his output among the foreign keys (10). To prevent double-spending he also packs the Key image, derived from his One-time private key (11). Finally, Bob signs the transaction, using his One-time private key (12), all the public keys (13) and Key Image (14). He appends the resulting Ring Signature to the end of the transaction (15).”
Key differences from other mainstream privacy protocols
How does Monero compare with alternate privacy-focused solutions?
The main point of differentiation with Monero is the CryptoNote implementation, which has been around since 2001 and has received significant peer-review around its functionality. (Traceable Ring signatures for example)
Two other implementations of privacy technology include:
ZeroCoin/ZeroCash – Using zero-knowledge proofs (ZKP) this protocol obscures the sender and the entire economy. Any exploits (such as creating false proofs/spending) wouldn’t be known until much later due to the anonymous nature of the network. One of the biggest risks is the lack of maturity and peer review behind the cryptography. Also, ZKP relied on the initial RSA private key generated to be destroyed by the creators. (As supposedly done in this computer burning ceremony)
CoinJoin is a mixing protocol that combines transaction but does not mask users, senders or transactions at a protocol level. Originally developed by bitcoin developer Gregory Maxwell, Coin Join is used by Dash, who leverages the Masternode (MN) model where users must possess 1000 DASH to host a MN. Critics say this creates a single point of failure as the individual nodes who provide the mixing service are vulnerable to Sybil attacks.
Kovri (based on I2P) Protects Users at a Protocol Level
Kovri is a free, decentralized, anonymous network layer developed by Monero that’s based on I2P’s core specifications. I2P’s core architecture operates similarly to TOR (which uses onion) except with Kovri it uses garlic encryption and routing to create private, protected network access.
Kovri (with its garlic routing) takes things a step further than TOR by creating an anonymous, message-based “overlay network” of internet peers. This “overlay-network” helps users to hide their geographical location and internet IP address thus making internet traffic anonymous.
How Monero Split into 5 forks (Actually 6 now)
As a result of discovering Monero ASIC manufacturing and secret mining (without the community’s knowledge), Monero decided to fork from its original algorithm due to the threat of centralized mining.
This prompted a bit of a “war against ASICs” by the community eager to preserve their core values of decentralization which is threatened by centralized mining players.
Covered more in-depth in this article, Monero has split into
five six, yes six, different coins. These new coins include: Monero 0 (XMZ), Monero Original (XMO), Monero Classic (XMC), Monero-Classic (yep, with a dash now), MoneroC (CXMR) and just announced recently MoneroV (XMV). The original Monero (XMR) still remains as well.
Critiques, Weaknesses, and Concerns
Although it appears Monero has many accolades, what are some of its weaknesses? As discussed in this subreddit there are a few:
- Privacy – There’s been the ability to track the IP address of the node that originated a transaction. This logging of IP addresses could cause de-anonymization of users.
- Mining Centralization – The majority of Monero mining is by 4 pools who each have no more than 20%. In addition, the advent of ASIC Monero mining further threatens the original ethos of “one-CPU-one-vote”, especially as things scale. (It was recently discovered that ASICs were being manufactured which has prompted a bit of a Crypto Miner algorithm battle to preserve decentralization)
- Darkweb PR – Although this is not a direct cause of the Monero team, it is worth noting as the branding and public perception is always something to keep in mind and could slow adoption as people fear its use for illicit purposes.
- Transaction size – Monero transactions are much larger than Bitcoin’s which requires more data and causes a larger blockchain which is continuously growing daily.
- Development Difficulty – The ability to incorporate with multi-coin wallets and other integrations that would make use more widespread have been slow.
- Limited Merchant Tools – The tools for merchants to integrate payments is difficult and hard to integrate at this time. However, there are more and more third-party services popping up to help remedy this.
Accomplishments to date
- Kovri fork, creating more secure transactions with an I2P layer in C++ – This version rebuilt from scratch leverages, I2P, known as the Invisible Internet Project is a TOR alternative which would add a secure layer for all transactions pushed to the network. This was after user anonimal pleaded with the Monero community who agreed to fund full-time development to make it a reality. (Gotta love crowdfunding)
- Monero Hardware wallet released – This project was organized and created as a funding mechanism in the Monero community called Forum Funding System (FFS) spearheaded by Michael Schloh von Bennewitz 15+ software and maker veteran as well as anonimal, Lead developer of Kovri. This is in addition to Ledger and Trezor integration in the works.
- Ledger support live for developers – Although not completely rolled out for users, people with developer kits can leverage this functionality. We appear to be on the homestretch for this being available for Ledger users.
- You can Pay on Overstock with Monero – Thanks to Shapeshift and their API, Overstock now accepts Monero as well as several other altcoins. This shows further credibility to have the more mainstream adoption.
How To Mine Monero
Although originally challenged by pool centralization, the recent fork away from ASIC miners caused the Monero (XMR) original pools hashrate to drop by more than 50%. This was prompted by the threat of secret ASIC mining that was significantly more efficient than GPUs. As a result, Monero still remains as a GPU mineable coin on What To Mine. A list of mining pools can be found here.
How to Store Monero
There are a variety of desktop wallets for Monero including Linux, Mac and Windows.
On the hardcore developer side, there are Arm (v7 & 8) OS for chipsets used in Mobile devices and well as a source Blockchain which allows users to procure a blockchain bootstrap from a raw file
Mobile and light wallets include Cake Wallet, Monerujo, and My Monero
Hardware has had some action with support for the Ledger Nano S live now with the dev kit and will be rolled out to other Ledger users soon. Monero also has an internally-built wallet plan that was funded by the community and is currently in development.
Monero, fork of Bytecoin, is a secure, private and untraceable currency, built on the Cryptonote protocol and Ring Signatures.
Monero and it’s community are committed to 3 key values: (1) Security, (2) Privacy and (3) Decentralization
Monero is based on an application level cryptographic protocol focused on privacy called Ring Signature originally proposed by Ron Rivest, Adi Shamir, and Yael Tauman.
The core use case behind Monero remains, namely how transactions are not linkable or traceable. A block limit exists to facilitate more flexible data management (block sizes) and scalability solutions. Monero’s architecture requires much more cryptography and data around transactions.
It also has selective transparency which allows users to make certain transactions visible if desired. (E.g. an auditor or another party to prove the transaction)
Although Monero has been a very steady and innovative player, this growth has not come without great struggles. The recent discovery of secret ASIC manufacturing of Monero miners has prompted the coin to be broken into 6 different “coins”.
This has not only divided the communities but raised concerns of not only network security but also what true decentralization means.
Despite these looming threats, the dedication of the team to building a robust and secure project continues. With privacy protocols like Kovri and hardware wallets like the Ledger Nano on the horizon of being integrated, this bodes well for the project as development milestones continue to be reached.
Keep this secure, privacy coin on your radar, its team is a leader in the industry and will be one to watch indefinitely.
CoinCentral's owners, writers, and/or guest post authors may or may not have a vested interest in any of the above projects and businesses. None of the content on CoinCentral is investment advice nor is it a replacement for advice from a certified financial planner.